APT

North Korean APT LAZARUS Uses MAGICLINE4NX Zero-Day in Supply Chain Attacks

APT-C-43 (Machete) Group Appears to Be Evolving Toward Greater Diversification

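The APT-C-43 (Machete) group was first disclosed by Kaspersky in 2014. Its attack activity concentrates on targets in Latin America with a Spanish-language background, and it mainly relies on social engineering...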

New Technique! APT28's Latest Backdoor Embeds a Large Number of Compromised Mailboxes (Logins Succeed) for Data Theft

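First published at: https://xz.aliyun.com/t/14123. Original author: T0daySeeker. Overview: Recently, while browsing threat intelligence online, the author found that the US security company securityscorecard...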

North Korean APT Kimsuky Exploits New ScreenConnect Vulnerability

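Hackers are exploiting the recently disclosed ScreenConnect vulnerability to deploy a new variant of a malware strain previously associated with the North Korean threat group Kimsuky. Researchers at Kroll have named the new malware ToddlerSh...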

Hunting Shadow Tracking: Analysis of APT37 Attack Activity Against South Korea Using North Korean Political Topics

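Recently, during routine threat hunting, DBAPPSecurity (安恒信息) Hunting Shadow Lab found that APT37 repeatedly used lures built on North Korea-related political topics to deliver the ROKRAT trojan to targeted users and steal information. APT37, an APT group that targets South Korea, is also known as...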

Russian cyberespionage group APT29 targeting cloud vulnerabilities

APT29 uses brute forcing and password spraying attacks to access service accounts. ...

CVE-2024-21412: Water Hydra Targets Traders With Microsoft Defender SmartScreen Zero-Day

The Trend Micro Zero Day Initiative discovered the vulnerability CVE-2024-21412 which we track as ZDI-CAN-23100, and alerted Microsoft of a Microso...

WINRAR RCE VULNERABILITY SPOTLIGHT: APT29’S ZERO-DAY TACTICS

Introduction: During the beginning of September 2023, APT29, a group linked with Russia’s Foreign Intelligence Service (SVR) conducted a cybera...

TinyTurla-NG in-depth tooling and command and control analysis

Cisco Talos, in cooperation with CERT.NGO, has discovered new malicious components used by the Turla APT. New findings from Talos illustrate the in...

TinyTurla Next Generation – Turla APT spies on Polish NGOs

Cisco Talos has identified a new backdoor authored and operated by the Turla APT group, a Russian cyber espionage threat group. This new backdoor w...